Comments on: Outlook 2007 Certificate Error? http://www.shudnow.net/2007/08/10/outlook-2007-certificate-error/ Just another IT guy! Sat, 17 May 2008 00:42:57 +0000 http://wordpress.org/?v=abc By: kingofbytes http://www.shudnow.net/2007/08/10/outlook-2007-certificate-error/#comment-4161 kingofbytes Mon, 05 May 2008 21:53:28 +0000 http://www.shudnow.net/2007/08/10/outlook-2007-certificate-error/#comment-4161 Sir, you are to be commended for your contributions. Thank you very much! -Kingofbytes Sir, you are to be commended for your contributions. Thank you very much!
-Kingofbytes

]]> By: ketrasap http://www.shudnow.net/2007/08/10/outlook-2007-certificate-error/#comment-3844 ketrasap Thu, 17 Apr 2008 07:03:56 +0000 http://www.shudnow.net/2007/08/10/outlook-2007-certificate-error/#comment-3844 Thanks Alot, I've been trying to fix this issue for months now. Thanks Alot,

I’ve been trying to fix this issue for months now.

]]> By: Elan Shudnow http://www.shudnow.net/2007/08/10/outlook-2007-certificate-error/#comment-3329 Elan Shudnow Tue, 01 Apr 2008 10:13:26 +0000 http://www.shudnow.net/2007/08/10/outlook-2007-certificate-error/#comment-3329 I have an article that details publishing the autodiscover service in ISA: http://www.shudnow.net/2007/07/15/publishing-exchange-2007-autodisover-in-isa-2006/ One of the things is that ISA 2006 will only read the CN or the 1st SAN name, so you have to trick ISA to make autodiscover publishing to work. I explain how to do that. I have an article that details publishing the autodiscover service in ISA:
http://www.shudnow.net/2007/07/15/publishing-exchange-2007-autodisover-in-isa-2006/

One of the things is that ISA 2006 will only read the CN or the 1st SAN name, so you have to trick ISA to make autodiscover publishing to work. I explain how to do that.

]]> By: petoulachi http://www.shudnow.net/2007/08/10/outlook-2007-certificate-error/#comment-3328 petoulachi Tue, 01 Apr 2008 08:57:43 +0000 http://www.shudnow.net/2007/08/10/outlook-2007-certificate-error/#comment-3328 Hi, I can't make autodiscover work from outside, maybe you could take a look at http://forums.msexchange.org/Another_Autodiscover_problem/m_1800470564/tm.htm if you have a solution :) Hi,

I can’t make autodiscover work from outside, maybe you could take a look at http://forums.msexchange.org/Another_Autodiscover_problem/m_1800470564/tm.htm if you have a solution :)

]]> By: njaggers http://www.shudnow.net/2007/08/10/outlook-2007-certificate-error/#comment-3185 njaggers Sun, 23 Mar 2008 22:40:23 +0000 http://www.shudnow.net/2007/08/10/outlook-2007-certificate-error/#comment-3185 Thanks! I went into EMC and changed the setting that way. The PS script kept giving me problems. Thanks! I went into EMC and changed the setting that way. The PS script kept giving me problems.

]]> By: Elan Shudnow http://www.shudnow.net/2007/08/10/outlook-2007-certificate-error/#comment-3138 Elan Shudnow Sat, 22 Mar 2008 16:06:40 +0000 http://www.shudnow.net/2007/08/10/outlook-2007-certificate-error/#comment-3138 It's not saying it cannot find your DC, it's saying it cannot find CASServer, which is your client access server, but might also be a DC if you configured it that way (not recommended). Make sure you replace the word CASServer with the server that has the RPC over HTTP Proxy component installed on it which should be a Client Access Server. So if your Client Access Server's name is CHIEXCCAS01 and your certificate has a name of mail.shudnow.net, you would do: set-outlookanywhere -identity CHIEXCCAS01 -externalhostname “mail.shudnow.net” -externalauthenticationmethod “basic”-ssloffloading:$false Make sure you replace externalauthenticationmethod with clientauthenticationmethod if you're using SP1. If that doesn't work, as I said, go into the Exchange Management Console and just manually set it. It’s not saying it cannot find your DC, it’s saying it cannot find CASServer, which is your client access server, but might also be a DC if you configured it that way (not recommended). Make sure you replace the word CASServer with the server that has the RPC over HTTP Proxy component installed on it which should be a Client Access Server.

So if your Client Access Server’s name is CHIEXCCAS01 and your certificate has a name of mail.shudnow.net, you would do:

set-outlookanywhere -identity CHIEXCCAS01 -externalhostname “mail.shudnow.net” -externalauthenticationmethod “basic”-ssloffloading:$false

Make sure you replace externalauthenticationmethod with clientauthenticationmethod if you’re using SP1.

If that doesn’t work, as I said, go into the Exchange Management Console and just manually set it.

]]> By: njaggers http://www.shudnow.net/2007/08/10/outlook-2007-certificate-error/#comment-3118 njaggers Sat, 22 Mar 2008 03:27:34 +0000 http://www.shudnow.net/2007/08/10/outlook-2007-certificate-error/#comment-3118 Thanks for the reply. I inputed this command into PS: set-outlookanywhere -identity CAServer -externalhostname "mail.domain.com" -externalauthenticationmethod "basic"-ssloffloading:$false This is the response from PS: set-outlookanywhere : the operation could not be performed because object 'CAServer' could not be found on the domain controller 'server.local' What am I missing here? All my mail flow is working correctly so I don't know why PS reported cannot locate my dc. Also, when I attempted to input the command into PS using the -server command instead of the -identity command, this is what returned: set-outlookanywhere : a parameter cannot be found that matches parameter name 'server' I think I have been messing with this so long I am missing something obvious. Any insight would be appreciated. Thanks for the reply. I inputed this command into PS:

set-outlookanywhere -identity CAServer -externalhostname “mail.domain.com” -externalauthenticationmethod “basic”-ssloffloading:$false

This is the response from PS: set-outlookanywhere : the operation could not be performed because object ‘CAServer’ could not be found on the domain controller ’server.local’

What am I missing here? All my mail flow is working correctly so I don’t know why PS reported cannot locate my dc. Also, when I attempted to input the command into PS using the -server command instead of the -identity command, this is what returned: set-outlookanywhere :

a parameter cannot be found that matches parameter name ’server’

I think I have been messing with this so long I am missing something obvious. Any insight would be appreciated.

]]> By: Elan Shudnow http://www.shudnow.net/2007/08/10/outlook-2007-certificate-error/#comment-3097 Elan Shudnow Thu, 20 Mar 2008 22:08:31 +0000 http://www.shudnow.net/2007/08/10/outlook-2007-certificate-error/#comment-3097 You can try going into the Exchange Management Console and specifying the proper URL there. Or you can try doing Set instead of Enable. RTM: Set-OulookAnywhere -Server CASServer -ExternalHostname “mail.shudnow.net” -ExternalAuthenticationMethod “Basic”-SSLOffloading:$False SP1: Set-OulookAnywhere -Server CASServer -ExternalHostname “mail.shudnow.net” -ClientAuthenticationMethod “Basic”-SSLOffloading:$False You can try going into the Exchange Management Console and specifying the proper URL there.

Or you can try doing Set instead of Enable.

RTM:
Set-OulookAnywhere -Server CASServer -ExternalHostname “mail.shudnow.net” -ExternalAuthenticationMethod “Basic”-SSLOffloading:$False

SP1:
Set-OulookAnywhere -Server CASServer -ExternalHostname “mail.shudnow.net” -ClientAuthenticationMethod “Basic”-SSLOffloading:$False

]]> By: njaggers http://www.shudnow.net/2007/08/10/outlook-2007-certificate-error/#comment-3096 njaggers Thu, 20 Mar 2008 21:59:23 +0000 http://www.shudnow.net/2007/08/10/outlook-2007-certificate-error/#comment-3096 Thanks for the great article. However, I am having a problem with one of the powershell scripts. When I execute the enable-outlookanywhere command, this is the error I receive: enable-outlookanywhere : the virtual directory 'rpc' already exists under 'CAServer.domain.local/default web site'. Parameter name: virtualdirectoryname Any thoughts on what this means and how to properly execute the script in powershell? Thanks for the great article. However, I am having a problem with one of the powershell scripts. When I execute the enable-outlookanywhere command, this is the error I receive:

enable-outlookanywhere : the virtual directory ‘rpc’ already exists under ‘CAServer.domain.local/default web site’. Parameter name: virtualdirectoryname

Any thoughts on what this means and how to properly execute the script in powershell?

]]> By: Elan Shudnow http://www.shudnow.net/2007/08/10/outlook-2007-certificate-error/#comment-3074 Elan Shudnow Wed, 19 Mar 2008 15:37:58 +0000 http://www.shudnow.net/2007/08/10/outlook-2007-certificate-error/#comment-3074 Set the URL appropraitely for the ActiveSync service and make sure the FQDN of the URL is contained in the certificate. You really need to get your DNS set up and get all the FQDN's you need in your certificate. None of your services will work properly until you do so. If you need more assistance, I'll check back later today. I need to get back to work. Hope you get this sorted. Set the URL appropraitely for the ActiveSync service and make sure the FQDN of the URL is contained in the certificate. You really need to get your DNS set up and get all the FQDN’s you need in your certificate. None of your services will work properly until you do so.

If you need more assistance, I’ll check back later today. I need to get back to work. Hope you get this sorted.

]]>